-
Notifications
You must be signed in to change notification settings - Fork 0
Other notes
Sam Duy edited this page Feb 14, 2018
·
1 revision
$ cat ~/.volatilityrc
[DEFAULT]
PROFILE=LinuxuClinux_ARM_VersatilePBARM
LOCATION=file:////masked/sensitive/path/source/uClinux-dist/converted.raw
Source: volatility/plugins/overlays/linux/linux.py
Search for: swapper_pg_dir symbol (x86) or init_level4_pgt (x64).
What is the symbol for uClinux? => ??? (Ref: [BOOK] Page.608)
- Background
- Anatomy of Volatility
- Profile for Volatility
- uClinux profile for Volatility
- Results
- Conclusion
- Advanced topics